Privacy

Related Projects

Related Topics

Privacy has become one of the defining issue of the Information Age. CIS has received national recognition for its interdisciplinary and multi-angle examination of privacy, particularly as it relates to emerging technology.

Albert Gidari is the Consulting Director of Privacy at the Stanford Center for Internet and Society. He was a partner for over 20 years at Perkins Coie LLP, achieving a top-ranking in privacy law by Chambers, before retiring to consult with CIS on its privacy program. He negotiated the first-ever "privacy by design" consent decree with the Federal Trade Commission on behalf of Google, which required the establishment of a comprehensive privacy program including third party compliance audits. Mr.

Dr. Jennifer King is the Director of Privacy at CIS. An information scientist by training, Dr. King is a recognized expert and scholar in information privacy. She examines the public’s understanding and expectations of online privacy and the policy implications of emerging technologies. Her research sits at the intersection of human-computer interaction, law, and the social sciences, focusing on social media, genetic privacy, mobile platforms, the Internet of Things (IoT), and digital surveillance.

Riana Pfefferkorn is the Associate Director of Surveillance and Cybersecurity at the Stanford Center for Internet and Society. Her work, made possible through funding from the Stanford Cyber Initiative, focuses on investigating and analyzing the U.S. government's policy and practices for forcing decryption and/or influencing crypto-related design of online platforms and services, devices, and products, both via technical means and through the courts and legislatures.

Stephen Wm. Smith is a retired federal judge who is now Director of Fourth Amendment & Open Courts at Stanford’s Center for Internet and Society. From 2004 to 2018 he served as a federal magistrate judge in Houston, Texas, where he authored several ground-breaking opinions of first impression on electronic surveillance. In 2005 he wrote one of the first opinions requiring a warrant for cell phone tracking, a position that the Supreme Court recently adopted in its landmark Fourth Amendment case, Carpenter v.

Attorney General Bill Barr gave a speech yesterday at Fordham that revived the encryption debate in the U.S. after a relatively quiet period. Since the departure of Rod Rosenstein, we hadn’t had a federal law enforcement official out there regularly giving speeches condemning encryption (though FBI Director Chris Wray threw his hat in here and there).

You may recall that in February, a federal district court in Fresno denied a petition I filed with the American Civil Liberties Union, the ACLU of Northern California, and the Electronic Frontier Foundation to attempt to shed light on the Department of Justice's attempt to force Facebook to break the encryption on its Messenger app for encrypted voice calls so that Facebook could carry out a wiretap order the DOJ had obtained.

The client shows his lawyer a video he says he took on his cell phone. It shows the defendant saying things that, if seen by the jury, will be a slam dunk for the client’s case. The attorney includes the video in her list of evidence for trial, but the defendant’s lawyers move to strike. They claim it’s a fake. What’s the plaintiff’s lawyer—and the judge—to do?

It is only a matter of time before maliciously manipulated or fabricated content surfaces of a major presidential candidate in 2020. The video manipulation of House Speaker Nancy Pelosi in May demonstrates the speed with which even a “cheap fake” can spread.

Facebook’s recent settlement with the Federal Trade Commission (FTC) has reignited debate over whether the agency is up to the task of protecting privacy. Many people, including some skeptics of the FTC’s ability to rein in Silicon Valley, lauded the settlement, or at least parts of it.

Pages

Encryption helps human rights workers, activists, journalists, financial institutions, innovative businesses, and governments protect the confidentiality, integrity, and economic value of their activities. However, strong encryption may mean that governments cannot make sense of data they would otherwise be able to lawfully access in a criminal or intelligence investigation.

Arguing that a defendant’s conviction for website hacking should be overturned because legitimate, highly valuable security and privacy research commonly employs techniques that are essentially identical to what the defendant did and that such independent research is of great value to academics, government regulators and the public even when – often especially when — conducted without a website owner’s permission.

Arguing that the information publicly available on the NSA's Upstream program, combined with an understanding of how the Internet works, means plaintiff Wikimedia has met its burden of proving standing to challenge Upstream.

Pages

"“The (Supreme) Court says the record is way too thin to justify such a sweeping invasion into his private life,” said Riana Pfefferkorn, a researcher who teaches about cybersecurity law at Stanford University. “Probationers have reduced constitutional rights, but they still have rights, and if the state is to be allowed to intrude upon them to the severe degree that an electronics search condition permits, that invasion has to be justified, and it wasn’t here.”"

"“Even if the phones are well secured, allowing the vendor to take the data off the device and store it on their servers would be a source of security risk,” said Riana Pfefferkorn, associate director of surveillance and cybersecurity at Stanford University’s Center for Internet and Society. “Obviously this data, if held by a private vendor, would be a target for hacking by America’s enemies. Plus, careless security practices could lead to a data breach, or the data could be compromised due to an insider threat, such as an employee selling it without authorization.”"

"Riana Pfefferkorn, associate director of surveillance and cybersecurity at the Stanford Center for Internet and Society, said the issue of compelling defendants to give up access to their phones may be an issue the Supreme Court ultimately takes up, too.

"Instead, companies might continue to wait and see what happens with Brexit and hope that European regulators do not pursue the issue before they spend what could amount to "hundreds of thousands of dollars on very expensive legal solutions," said Omer Tene, Vice President and Chief Knowledge Officer at the International Association of Privacy Professionals.

"Companies entering into agreements relating to data with vendors in the UK, or vice versa, are already weighing the additional friction and cost of getting data in and out post Brexit," he said.

Smart cities, smart buildings, and sensors everywhere are creating a web of surveillance and data collection that threaten privacy on a massive scale. It's not too late to change the dynamic. We just have to be smart about it.

Please join the Honorable BN Srikrishna, Chairman of the Group of Experts on Data Protection in India & former Justice of the Supreme Court of India, as he discusses the drafting of India's first ever data protection framework, submitted to the Indian government on July 27, 2018.

Widespread availability of advanced encryption technology has improved security for consumers and businesses. But as digital products and services have become more secure, some in the law enforcement and intelligence communities have voiced concerns that encryption inhibits their ability to prevent terrorism and prosecute crimes. For example, the Department of Justice is exploring a potential legal mandate requiring companies to design their technologies to allow law enforcement to access consumer data during criminal investigations.

On this episode of National Security Podcast, Katherine Mansted speaks to Scott Schakelford, Angie Raymond, and Abbey Stemler on social media’s influence on democracies, and what international law has to say about data sharing.

A recent Supreme Court case, Carpenter v United States, questioned whether the government could get location data from a cell phone company for a criminal case. The Court held that the government needs a warrant to procure cellphone information because, as Justice Roberts said, “the time stamp data that comes from your cell phone site location information provides an intimate window in a person’s life, revealing not only his particular movements but through them his familiar, political, professional, religious, and sexual associations.